Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salvatore fresta vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2011-0511
SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the id parameter to index.php.
Joomtraders Com Allcinevid 1.0.0
1 EDB exploit
755
VMScore
CVE-2010-2909
SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the cid parameter in a video action to index.php.
Toughtomato Com Ttvideo 1.0
1 EDB exploit
755
VMScore
CVE-2009-4801
EZ-Blog Beta 1 does not require authentication, which allows remote malicious users to create or delete arbitrary posts via requests to PHP scripts.
Will Kraft Ez-blog -
1 EDB exploit
685
VMScore
CVE-2009-1453
SQL injection vulnerability in class.eport.php in Tiny Blogr 1.0.0 rc4, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the txtUsername parameter (aka the Username field). NOTE: some of these details are obtained from third p...
Anoochit Chalothorn Tiny Blogr 1.0.0
1 EDB exploit
685
VMScore
CVE-2009-0409
SQL injection vulnerability in offline_auth.php in Max.Blog 1.0.6 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the username parameter.
Mzbservices Max.blog 1.0.6
1 EDB exploit
755
VMScore
CVE-2009-4791
Multiple SQL injection vulnerabilities in Family Connections (aka FCMS) prior to 1.8.2 allow remote malicious users to execute arbitrary SQL commands via the (1) letter parameter to addressbook.php, (2) id parameter to recipes.php, (3) year parameter to register.php, (4) poll_id ...
Ryan Haudenschilt Family Connections 1.6.4
Ryan Haudenschilt Family Connections 1.6.3
Ryan Haudenschilt Family Connections 1.3
Ryan Haudenschilt Family Connections 1.2
Ryan Haudenschilt Family Connections 0.9.2
Ryan Haudenschilt Family Connections 0.9.1
Ryan Haudenschilt Family Connections
Ryan Haudenschilt Family Connections 1.8
Ryan Haudenschilt Family Connections 1.7.4
Ryan Haudenschilt Family Connections 1.6.2
Ryan Haudenschilt Family Connections 1.6.1
Ryan Haudenschilt Family Connections 1.1.2
Ryan Haudenschilt Family Connections 1.1.1
Ryan Haudenschilt Family Connections 0.9
Ryan Haudenschilt Family Connections 0.8
Ryan Haudenschilt Family Connections 1.7.1
Ryan Haudenschilt Family Connections 1.7
Ryan Haudenschilt Family Connections 1.4
Ryan Haudenschilt Family Connections 1.3.1
Ryan Haudenschilt Family Connections 0.9.8
Ryan Haudenschilt Family Connections 0.9.5
Ryan Haudenschilt Family Connections 0.1.2
1 EDB exploit
755
VMScore
CVE-2009-4794
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote malicious users to execute arbitrary SQL commands via the (1) article_id parameter to view.php and the (2) a parameter in an event action to calendar.php, reachable through index.php.
Community Cms Community Cms 0.5
1 EDB exploit
685
VMScore
CVE-2009-4805
Multiple SQL injection vulnerabilities in EZ-Blog Beta 1, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via (1) the storyid parameter to public/view.php or (2) the kill parameter to admin/remove.php.
Will Kraft Ez-blog -
1 EDB exploit
685
VMScore
CVE-2009-4925
Multiple SQL injection vulnerabilities in Portale e-commerce Creasito (aka creasito e-commerce content manager) 1.3.16, when magic_quotes_gpc is disabled, allow remote malicious users to execute arbitrary SQL commands via the username parameter to (1) admin/checkuser.php and (2) ...
Creasito Creasito E-commerce Content Manager 1.3.16
1 EDB exploit
685
VMScore
CVE-2010-4517
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary SQL commands via the char parameter in an item action to index.php.
Harmistechnology Com Jeauto 1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »